Optimize method calls, by caching specific function values within the Structure.
The new opcode is used almost like an x86 opcode prefix byte to optimize op_get_by_id,
where the property access is being used to read a function to be passed to op-call (i.e.
'foo.bar();'). This patch modifies the Structure class such that when a property is
put to an object for the first time we will check if the value is a function. If it is,
we will cache the function value on the Structure. A Structure in such a state guarantees
that not only does a property with the given identifier exist on the object, but also that
its value is unchanged. Upon any further attempt to put a property with the same identifier
(but a different value) to the object, it will transition back to a normal Structure (where
it will guarantee the presence but not the value of the property).

op_method_check makes use of the new information made available by the Structure, by
augmenting the functionality of op_get_by_id. Upon generating a FunctionCallDotNode a
check will be emitted prior to the property access reading the function value, and the JIT
will generate an extra (initially unlinked but patchable) set of checks prior to the regular
JIT code for get_by_id. The new code will do inline structure and prototype structure check
(unlike a regular get_by_id, which can only handle 'self' accesses inline), and then performs
an immediate load of the function value, rather than using memory accesses to load the value
from the obejct's property storage array. If the method check fails it will revert, or if
the access is polymorphic, the op_get_by_id will continue to operate - and optimize itself -
just as any other regular op_get_by_id would.

WebView/WebView.mm:
(needsUnwantedScrollBarWorkaround): Added. Checks if this is a panel
where scroll bars are unwanted. For safety, limited to only Apple applications.
(-[WebView viewDidMoveToWindow]): If the workaround is needed, disallow
scrolling the main frame. This prevents scroll bars from appearing.

Remove redudant member from Chromium's ResourceRequest. We already
have this data in the cross-platform ResourceRequestBase. Also, rename
ChromiumBridge parameter to be consistant with the new name for this
piece of data.

Made the global-function-resolve test independent of hashing order
by using a fixed set of properties. This also removes the need for us
to update this test every time we add something to the window object or
the js-test-pre.js family of scripts.

fast/js/global-function-resolve-expected.txt: Updated.

fast/js/resources/global-function-resolve.js: Use a fixed array instead
of using all property names from the global object; also made other small
changes that don't have an effect on the substance of the test.

remove a test that was supposed to test the text/* change to MIME
types from r43979, since the change was rolled out, and the test seems
to be ineffective anyway, since it was passing on Mac after rolling
out the change.

Refactor JIT code-handle objects. The representation of generated code is currently
a bit of a mess. We have a class JITCode which wraps the pointer to a block of
generated code, but this object does not reference the executable pool meaning that
external events (the pool being derefed) could make the pointer become invalid.
To overcome this both the JIT and Yarr implement further (and similar) objects to
wrap the code pointer with a RefPtr to the pool. To add to the mire, as well as the
CodeBlock containing a handle onto the code the FunctionBodyNode also contains a
copy of the code pointer which is used almost (but not entirely) uniquely to access
the JIT code for a function.

Rationalization of all this:

Add a new type 'MacroAssembler::CodeRef' as a handle for a block of JIT generated code.

Change the JIT & Yarr to internally handle code using CodeRefs.

Move the CodeRef (formerly anow defunct JITCodeRef) from CodeBlock to its owner node.

Remove the (now) redundant code pointer from FunctionBodyNode.

While tidying this up I've made the PatchBuffer return code in new allocations using a CodeRef,
and have enforced an interface that the PatchBuffer will always be used, and 'finalizeCode()' or
'finalizeCodeAddendum()' will always be called exactly once on the PatchBuffer to complete code generation.

This gives us a potentially useful hook ('PatchBuffer::performFinalization()') at the end of generation,
which may have a number of uses. It may be helpful should we wish to switch our generation
model to allow RW/RX exclusive memory, and it may be useful on non-cache-coherent platforms to
give us an oportunity to cache flush as necessary.

platform/graphics/FontCache.cpp:
(WebCore::FontCache::purgeInactiveFontData): Deleting a SimpleFontData
can cause releaseFontData() to be called, which modifies
gInactiveFontData. Therefore, avoid deleting SimpleFontData instances
while iterating over gInactiveFontData and delete them afterwards.

page/DragController.cpp:
(WebCore::DragController::dragExited):
(WebCore::DragController::tryDHTMLDrag): Don't base our decision on KURL,
since that only looks at the text of the document's URL. Do base our
decision on the securityOrigin(), which knows more about the document's
actual origin.

Add support for MADV_FREE to TCMalloc_SystemRelease for platforms that
don't also support MADV_FREE_REUSE. The code is identical to the MADV_DONTNEED
case except for the advice passed to madvise(), so combining the two cases
makes the most sense.

wtf/Platform.h: Only define HAVE_MADV_FREE when not building on Tiger or
Leopard, because while it is defined on these platforms it actually does
nothing.

wtf/TCSystemAlloc.cpp:
(TCMalloc_SystemRelease): use MADV_FREE if it is available; otherwise use
MADV_DONTNEED.

platform/MIMETypeRegistry.cpp:
(WebCore::initializeSupportedNonImageMimeTypes):
(WebCore::MIMETypeRegistry::isSupportedNonImageMIMEType): Regard any
MIME type beginning with "text/" as supported and remove all "text/"
types from the list.

The debugger currently retrieves the arguments object from an activation rather than pulling
it from a call frame. This is unreliable to due to the recent optimization to lazily create
the arguments object. In the long-term it should stop doing that (<rdar://problem/6911886>),
but for now we force eager creation of the arguments object when debugging.

<rdar://problem/6902197> WebCore doesn't know about all of the MIME types supported by QTKit

Add a static table to map from some common file extensions to their MIME types so it
is possible to detect support even when the platform mapping is incomplete. Use the
table to lookup types not found by UTI on the OSX, and when looking for a media engine
with a generic or missing type.

platform/graphics/MediaPlayer.cpp:
(WebCore::MediaPlayer::load): When the type passed is empty, "application/octet-stream", or
"text/plain", try to look it up based on the file extension with getMediaMIMETypeForExtension.

platform/graphics/mac/MediaPlayerPrivateQTKit.mm:
(WebCore::addFileTypesToCache): See if getMediaMIMETypeForExtension can map from file extension
to MIME type if UTI fails.

<rdar://problem/6883758> REGRESSION (r43143): First character typed with input method does
not go into inline hole (seen with Chinese & Kotoeri on top Chinese website www.baidu.com)

WebCoreSupport/WebEditorClient.mm: (WebEditorClient::respondToChangedSelection):
Call -[NSApplication updateWindows] to make AppKit re-fetch the input context when selection
changes. Since we use SelectionController to check whether the view is editable, it is
important not to re-fetch the context too early, e.g. from a focus changed notification.

I renamed m_document to m_documentUnderMouse to better document what it does
I could call it m_lastDocumentUnderMouse to be most-accurate, but this seemed
long enough.

I also saw copy/paste code involving clearing the selection when moving out of
one document and into another. I moved that code into a function called
mouseMovedIntoDocument.

I also got rid of a couple needless null-checks after confirming via source
inspection they were not ever possible.
In Mac WebKit it's not possible to have a Page that doesn't have a mainFrame()
I left an ASSERT(m_page->mainFrame()) in case some other port ever violates this.
It's also not possible to return a document from documentAtPoint that is not
in a frame (as such a document would not be rendered).

There are two times DragOperation is used. The source specifies
what drag operations it supports (in a mask) and the destination
picks a subset of those as DragOperations it supports if a drop were
to occur. I was confused when I first saw this accessor as to which
it meant. It turns out that this is only used when WebKit starts a
drag, and we keep it around so that we can provide this information
to other Mac OS X applications when they ask. I've renamed the method
for clarity so the next person in this code will be less confused.

runtime/NumberPrototype.cpp:
(JSC::integerPartNoExp): replace strcpy() with memcpy(), ASSERT that the
temporary buffer has sufficient space to store the result, and move the
explicit null-termination closer to the memcpy() for easier visual inspection
of the code.
(JSC::fractionalPartToString): replace strcpy() with memcpy(), and ASSERT
that the temporary buffer has sufficient space to store the result. There
is no explicit null-termination because this is done by the caller. The
same is already true for exponentialPartToString().
(JSC::numberProtoFuncToExponential): replace strcpy() with memcpy(), explicitly
null-terminate the result, and ASSERT that the temporary buffer has sufficient
space to store the result.

Install the four resources we are using. For the icons
where an icon name is specified by freedeskop.org try to
map the WebCore name to that name and fallback to the
internal icon. For everything else use the internal icon
name. Remove the temporary link stub as this is not
required any more.

The host function callback callObjCFallbackObject was not annotated
with JSC_HOST_CALL which meant that when it was called by the JIT, which
expects the JSC_HOST_CALL calling convention, the arguments are not in the
expected places.

bindings/v8/custom/V8DOMWindowCustom.cpp:
(WebCore::V8Custom::WindowSetTimeoutImpl): Moved from v8_custom.cpp.
(WebCore::isAscii): Moved from v8_custom.cpp.
(WebCore::convertBase64): Moved from v8_custom.cpp.
(WebCore::CALLBACK_FUNC_DECL): Moved from v8_custom.cpp.
(WebCore::eventNameFromAttributeName): Moved from v8_custom.cpp.
(WebCore::ACCESSOR_SETTER): Moved from v8_custom.cpp.
(WebCore::ACCESSOR_GETTER): Moved from v8_custom.cpp.
(WebCore::NAMED_ACCESS_CHECK): Moved from v8_custom.cpp.
(WebCore::INDEXED_ACCESS_CHECK): Moved from v8_custom.cpp.

KURL parsing changes back in r30243 and r30815 made javascript urls that use the form
"javascript://" be detected as invalid hierarchical URLs. When a KURL is marked as
invalid, you can no longer ask it a question such as "is your protocol javascript?"
Therefore FrameLoader wouldn't recognize them as javascript URLs and instead try to
navigated to them.

URL parsing rules aside, such URLs are in use in the wild (Microsoft's Virtual Earth
being a high profile example) and actually represent valid javascript.

Whenever checking for javascript urls, the new protocolIsJavaScript() should be used
as it functions on a String which doesn't have to pass KURLs parsing rules.

PluginPackageGtk.cpp and PluginPackageQt.cpp assigned _NPN_HasMethod
to hasproperty and _NPN_HasProperty to hashmethod. This commit is fixing
it. It is also adding test code to PluginObject.cpp and it will invoke
this code from a new test.

Adds a new handleFocusedUIElementChangedWithRenderers, only in the
GTK port, called at the same point than
handleFocusedUIElementChanged but with two parameters, the old and
the newly focused RenderObjects. We need this, since the ATK
signals require us to pass the objects involved in the focus
change as arguments.

With recent additions to ChromeClient.h empty defaults were
added. This is bad for porters as these changes go unnoticed
and at runtime no notImplemented warning is logged and grepping
for notImplemented will not show anything. Change this Client
to be like the other Clients again and always have pure virtuals
(but for stuff inside #ifdef PLATFORM(MAC)).

The problem is when a non visible QtPluginWidget would show it self
in a sibling frame. The problem was due to our clipping. In Qt,
if setMask is set with an empty QRegion, no clipping will
be performed, so in that case we hide the PluginContainer

Fix a bug where a non visible plugin would show it self in a
sibling frame. The problem was due to our clipping. In Qt,
if setMask is set with an empty QRegion, no clipping will
be performed, so in that case we hide the PluginContainer

Do not call the parent implementation (Widget::) in show() and hide()
of the PluginViewQt, as it always changes the visible state of the
platformWidget (equal to the platformPluginWidget in the Qt port),
thus ignoring the isParentVisible() test.

Replace WREC with YARR + YARR_JIT for the Qt port. This is only
used when compiled with JIT support for now, so it is a drop-in
replacement for the WREC usage. Still including the wrec headers
as they are being referred from RegExp.h, though the contents of
that header it protected by "#if ENABLE(WREC)".

We shouldn't paint the content area of text fields when o->style() has
background image or transparent background color. paintTextFieldInternal() is
used for painting inner area of HTML option elements by Chromium.

When we pass fillContentArea = true to ChromiumBridge::paintTextField, it hides
the background image rendered by RenderBoxModelObject. So, we should set
fillContentArea = false in such case.

Besides, when background-color:transparent is specified for CSS property,
o->style().backgroundColor returns black color with alpha channel == 0. But
since ThemeEngine for Windows behind ChromiumBridge::paintTextField cannot
recognize alpha channel, it fills the rect with black. I made workaround to set
fillContentArea = false when alpha channel == 0 to avoid this.

And more, I'd like to fallback the color passed to ChromiumBridge to white when
o->style()->backgroundColor() is invalid.

Commit r43890 caused:
svn: Can't convert string from 'UTF-8' to native encoding:
svn: LayoutTests/editing/pasteboard/resources/File With Spaces! For Dra?\204?\136gging?.gif
On both the windows and tiger buildbots. According to:​http://svnbook.red-bean.com/en/1.2/svn.advanced.l10n.html
this is intentional behavior, and due to the fact that the default
LC_CTYPE for Tiger and Windows makes Subversion think the filesystems
do not support utf8.

The fix would be to execute:
export LC_CTYPE=en_US.UTF-8
On all affected machines. But since that's not going to happen,
I'm removing the utf8 chars from this filename.

This makes the drag-drop test weaker, but I see no other option.

editing/pasteboard/resources/File With Spaces! For Dragging?.gif: Renamed from "LayoutTests/editing/pasteboard/resources/File With Spaces! For Dra\314\210gging?.gif".

editing/pasteboard/resources/file-input-files-access.js:
(moveMouseToCenterOfElement): use the unused argument
(runTest): fix to use the ansii name

interpreter/RegisterFile.cpp:
(JSC::RegisterFile::releaseExcessCapacity): Instead of doing complicated
math that sometimes used to overflow, just release the full range of the
register file.

interpreter/RegisterFile.h:
(JSC::isPageAligned):
(JSC::RegisterFile::RegisterFile): Added ASSERTs to verify that it's
safe to release the full range of the register file.

(JSC::RegisterFile::shrink): No need to releaseExcessCapacity() if the
new end is not smaller than the old end. (Also, doing so used to cause
numeric overflow, unmapping basically the whole process from memory.)

jit/JIT.cpp:
(JSC::JIT::privateCompileCTIMachineTrampolines): Add ENABLE(JIT_OPTIMIZE_CALL) guards
around the the optimize call only trampolines (virtualCallPreLink and virtualCallLink).
Update the trampolines to account for the new JSValue representation.
(JSC::JIT::unlinkCall): Use NULL instead of JSValue noValue.

jit/JITCall.cpp:
(JSC::JIT::compileOpCall): Update to account for the new JSValue representation
(JSC::JIT::compileOpCallSlowCase): Ditto.

We need to respect the DocumentLoader's request cache policy when deciding the cache policy
for subresources, but the check (originally removed in r39304 and added back in in the same
place in r41424) needs to be tweaked and relocated a bit.

loader/FrameLoader.cpp:
(WebCore::FrameLoader::subresourceCachePolicy): Renamed from cachePolicy(). Move checking
the DocumentLoader's request to a more appropriate place. Add code to handle the recently
added FIXME regarding POSTs. Add a new FIXME describing a great way to make this code
cleaner in the future.

Split InspectorController into InspectorController and InspectorFrontend. Latter encapsulates all frontend interaction and is the only entity allowed to make ScriptFunctionCalls. The further plan is to serialize these script function calls.

runtime/UString.h:
(JSC::operator==): Inline UString's operator==, since it is called from
hot places in the runtime. Also, specialize 2-char strings in a similar way to
1-char, since we're taking the hit of a switch anyway.

This modification adds a cookie framework to check setting cookies.
It is a simple modification over the js test framework. It uses some XHRs and custom server-side script
to set / get / clear cookies.

http/tests/cookies/resources/cookies-test-pre.js: Copied from LayoutTests/fast/js/resources/js-test-pre.js.
(setCookies): Internal method to set a cookie (multiple cookies are not supported).
(testCookies): Internal method to check if the cookie were set.

(clearAllCookies): Used to clear all pre-existing cookies for this domain.
(clearCookies): Used to clear the cookies set with cookiesShouldBe.
(cookiesShouldBe): Used to set a cookie and check the "Cookie" header sent. It is inspired from shouldBe from the js test framework.

I'm mostly just moving code, however there are 3 changes I made while moving, detailed below.

No functional changes, so no tests.

platform/mac/ClipboardMac.mm:
(WebCore::ClipboardMac::clearData):
(WebCore::absoluteURLsFromPasteboardFilenames):
Broke out logic for filenames into its own function to make the caller more readable.
(WebCore::absoluteURLsFromPasteboard):
Broke out logic from getData into absoluteURLsFromPasteboard. This returns an NSArray
so that we can use -[NSArray componentsJoinedByString] in the caller (which is
cleaner than the manual "\n" addition before).
This also access to the full list of file urls for future callers.
(WebCore::ClipboardMac::getData):
unsigned count = (type == "URL") ? 1 : [fileList count]; is now an
explicit check for "URL", before it was a check for != "text/uri-list" which
was much more confusing in my opinion. text/uri-list and URL are the only
two types which map to NSURLPboardType in cocoaTypeFromMIMEType().
(WebCore::ClipboardMac::types):
I removed an extra if (!types) check, right before [types count]. In Obj-C
messaging nil will return 0 (size of a pointer), so it's safe to message nil
here and expect it to return 0.

Refactor JIT code-handle objects. The representation of generated code is currently
a bit of a mess. We have a class JITCode which wraps the pointer to a block of
generated code, but this object does not reference the executable pool meaning that
external events (the pool being derefed) could make the pointer become invalid.
To overcome this both the JIT and Yarr implement further (and similar) objects to
wrap the code pointer with a RefPtr to the pool. To add to the mire, as well as the
CodeBlock containing a handle onto the code the FunctionBodyNode also contains a
copy of the code pointer which is used almost (but not entirely) uniquely to access
the JIT code for a function.

Rationalization of all this:

Add a new type 'MacroAssembler::CodeRef' as a handle for a block of JIT generated code.

Change the JIT & Yarr to internally handle code using CodeRefs.

Move the CodeRef (formerly anow defunct JITCodeRef) from CodeBlock to its owner node.

Remove the (now) redundant code pointer from FunctionBodyNode.

While tidying this up I've made the PatchBuffer return code in new allocations using a CodeRef,
and have enforced an interface that the PatchBuffer will always be used, and 'finalizeCode()' or
'finalizeCodeAddendum()' will always be called exactly once on the PatchBuffer to complete code generation.

This gives us a potentially useful hook ('PatchBuffer::performFinalization()') at the end of generation,
which may have a number of uses. It may be helpful should we wish to switch our generation
model to allow RW/RX exclusive memory, and it may be useful on non-cache-coherent platforms to
give us an oportunity to cache flush as necessary.

The problem was that after loading and displaying a CAPTCHA image, it was loaded from
the server again due to preloading. So, the server expected the last loaded (invisible)
CAPTCHA text to be typed and posted back.

I don't know how to make tests for preloading.

loader/DocLoader.cpp: (WebCore::DocLoader::checkForPendingPreloads): There is never a reason
to preload after loading for real - and if cache policy is CachePolicyReload, that actually
results in another load from network layer.

loader/FrameLoader.cpp: (WebCore::FrameLoader::cachePolicy): It's not good for cachePolicy()
to lie, but I don't know how to re-do r41425 properly. Added a FIXME.

[Qt] Reuse FontPlatformData for the same FontDescription.
This effectively prevents growing heap usage for loading every web page.

platform/graphics/qt/FontCacheQt.cpp:
(WebCore::qHash): Necessary for FontPlatformDataCache.
(WebCore::FontCache::getCachedFontPlatformData): Reuse the instance if
it exists, otherwise create a new one and insert it in the cache.